Homepage Crypto Index Enigma Hagelin Fialka Siemens Philips Nema Transvertex Gretag Tadiran Racal USA Spy sets Burst encoders Intercept Covert Radio PC Kits Shop News Events Wanted Contact Links Philips PNVX Secure Crypto Phone Initially, Philips Usfa (later Philips Crypto) developed cipher equipment for the Dutch Department of Defense only. During the 1980s however, they started to develop equipment for the civil market as well. In 1988, development was started of a wide range of secure crypto phones, aimed at professional users, such as the Police, the Department of Justice, the Department of Defense, the Department of Foreign Affairs, etc.   The first generation of secure phones was the PNVX-20xx series, which was introduced around 1991. Depending on the required features, users had a choice between the PNVX-2015, PNVX-2017 and the PNVX-2019. The latter two (PNVX2017 and PNVX2019) also had a data-interface, allowing securing PC connections (data) as well. The image on the right, shows a typical PNVX-2017 secure crypto phone. The images below show some of its characteristics, such as the crypto and plain keys in close-up.    The PNVX-series allowed secure voice communication over standard telephone lines (PSTN). Unlike older and less advanced systems that used (analog) voice scrambling, the PNVX employed advanced digital enciphering. The analog voice signal from the microphone was first digitised and then enciphered with the built-in crypto unit. Deciphering was possible only if the person at the other end had a compatible crypto phone and the correct key. At the beginning of each secure sessions, both ends had to synchronise (12 to 24 seconds) and advanced authentication protocols were used to exchange the keys and the user's identity.   Personal Key Card Each user of the PNVX crypto phone was issued a so-called TB-100 Personal Key Card. The card had the same size as a standard credit card, but contained a micro chip with the user's unique personal key, identity and other information. Secure communication was only possible if the user's key card was inserted into a slot at the right of the phone and the matching Personal Identification Number (PIN) had been entered. At the beginning of each secure crypto session, the identification of the person at the other end would appear in the display, so that you could check wether that person was who he said he was. Examples of such key cards in the images below.   The PNVX-20xx series was followed by the PNVX-21xx series (1994) and finally the PNVX-63xx series in 1995. Several variations of the same principle were developed, such as a complete Crypto Switch (telephone exchange) and a separate encryptor for (analog) mobile communication networks (PNVX 2111). The PNVX-63xx series was developed especially for use by the Dutch government. The following models are currently known:   PNVX 2015, Secure Telephone PNVX 2017, Secure Telephone (with data interface) PNVX 2019, Secure Telephone (with data interface and extra functions) PNVX 2118, Secure Telephone PNVX 2111, Speech Encryptor PNVX 2116, Crypto Switch PLDX 6142, Line Encryptor PNVX 6317, Crypto Telephone (for government use) PNVX 6318, Crypto Telephone (for government use) PFDX 6335, Fax Encryptor (for government use) PPSX 6361, X.25 line encryptor PNVX and PFDX The name PNVX is the abbreviation of Philips Narrow-band Voice Encryptor. The letter 'X' is used here for 'Crypto' as with all other Philips Usfa crypto equipment. The abbreviation PFDX stands for Philips Fax and Data Encryptor. The internal designators for all secure phone products started with 'UP' followed by the model number, e.g. UP-2017 for the PNVX-2017 phone. The prefix 'UP' is most likely the abbreviation of Usfa Phone.   Spendex 40 Under certain circumstances the PNVX 6317 could be made interoperable with the ruggedised military Spendex 40 crypto phone. In that case, the TB-100 key card of the PNVX would act like the CIK (Crypto Ignition Key) of the Spendex 40. Military users of these phones, would generally use a PNVX at the office and a Spendex 40 in the field. Later, when PNVX phones became mainstream items in the Dutch Department of Defence, Spendex 40 phones were gradually phased out in favour of PNVX phones.   Declassified For a long time, Philips PNVX phones have been approved and used for secure voice communication up to the level of state secret, confidential and NATO secret (PNVX-6317/6318), even after the demise of Philips Crypto in 2003. As of 1 January 2010, the approval has officially been withdrawn by the NBV [6] and the PNVX phones are no longer classified items.   Technical specifications For the encryption/decryption of voice data, the PNVX used a stream cipher that uses the well known principle of modulo-2 addition (XOR) to mix the data and the key stream. The length of the key was 120 bits and the system allowed more than 1038 different keys to be used. Once started, the key stream had a cycle length of more than 10,000 years, meaning that the key stream would not repeat itself within that period. The key stream was generated by an in-house (Philips) developed algorithm that was hard-wired inside a sealed crypto module. It was, however, also possible to implement the customer's own algorithm, adding in a bit of security by obscurity on top of the security by complexity the system already had. For key management, the PNVX used a hierarchic matrix system that allowed up to 2000 users per group. Only users of the same group could communicate with each other. The actual key (group key and personal key) was stored on a separate key card (see above) which was used in combination with a PIN that had to be entered on the phone's keypad. For authentication at the beginning of a crypto session, the PNVX used peer entity authentication, which guarantees that the other party is indeed the one it claims to be. When sychronising two PNVX phones at the beginning of a crypto session, a randomly generated information key of 64 bits was used in combination with synchronisation check series (in-sync checks). The PNVX was suitable for connection to standard PSTN (analog) telephone lines, using either pulse dialling (IDK) or dual tone DTMF (TDK) operation. It complied with the rules and regulation in the Netherlands, which were similar to the requirements in other countries. Speech was first digitised using a 10-bit AD convertor and then processed by an LPC-10 vocoder in order to minimise the data rate to 2400 bits/s (baud). LPC-10 was a Linear Predictive Coding standard developed by the United States Department of Defense for use by NATO. It is also known as FS-1015 or STANAG-4198. It reduced the audio quality somewhat, but would still be better than 85% DRT. Computer data could be transmitted at the same speed (2400 baud) when connected to the V24 connection at the rear of the unit (PNVX 2017 and PNVX 2019 only).   Similar secure phones Philips Spendex 40 Motorola SECTEL 9600 STU-III References Philips Crypto BV, PNVX 2015, PNVX 2017, PNVX 2019 Operating Instructions Philips Usfa BV, High Grade Secure Telephone Set, System Descryption Philips Usfa BV, PNVX 6318 Crypto and System Installation Guide Philips Crypto BV, PNVX 211Y Product Family Brochure Philips Crypto BV, PNVX 6318, PFDX 6335 Brochure Nationaal Bureau voor Verbindingsbeveiliging (NBV, part of the AIVD), List of approved crypto products (Dutch) Further information LPC-10 Vocoder on Wikipedia (a.k.a. FS-1015) Spendex-40, military crypto phone DBT, another military crypto phone Other Philips Usfa crypto machines Background information about Philips Usfa Other cipher machines Any links shown in red are currently unavailable. © Copyright 2009-2010, Paul Reuvers & Marc Simons If you like this website, why not make a donation? Last changed: Thu,26 Aug 2010.18:39:43